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SUPPLEMENTAL ADVLSORY ACTION 

1. This communication is in response Amendment After-Final filed 08/06/09 and Petition 
under 37 CFR §1.181 filed 09/02/09 (hereafter referred to as the "Petition"). 

2. Claims 1-35, 37-46 as filed 03/26/09 remain pending in instant application, wherein 
claims 37-46 are withdrawn bom consideration, claims 1-35 stand rejected and claim 36 was 
canceled. 

3. Objective of this supplemental advisory action is to supplement/clarify issues raises both 
in the advisory action and the Petition above mentioned. 

4. SHORTENED STATUTORY PERIOD FOR REPLY STANDS SET according to the 
guidelines provided in Final Rejection mailed 07/20/09 and/or Advisory Action mailed 08/21/09. 

5. Supplemental response includes: 

(A) Effective Priority Date of Leonard 

Showing as to whether the provisional 60/469,558 can be relied upon to teach the 
claimed hrnitalioii. ' at least one designated Virtual Private Server (VPS) with a set of services 
that perform administrative operations, wherein the designated VPS provides administrative 
services to each of the server processes. . ." 

Regarding Claim 1, Provisional 60/469558 ('558 here after) teaches a system for managing 
administration of computer services provided to users comprising: 
a computer system (Fig. 1.1); 

an operating system running on the computer system (p. 1, virtualizing operating system 
services allowing one or more process to run in isolation); 

a plurality of server processes running on the computer system, wherein the processes 
provide services (e.g. Apache, Oracle, OpenSSH, etc. on Fig. 1.1) to a plurality of remote users 
(Fig. 1.1 on p. 3 and subdivided system services among customers see p. 2); and 

at least one designated Virtual Private Server VPS (Zones on Fig. 1.1 on p. 3) with a set 
of services that perform administrative operations (Virtualization. . .any actions taken by 
administrator on p. 2), wherein the designated VPS provides administrative services to each of 
the server processes and wherein the designated VPS is isolated by a logical isolation of 
processes (process isolation page 2, section 1.1, also section 1.2 (1.) Isolation on p. 4). 



(B) Propriety of Final Rejections under U.S.C. §102(a) based on Leonard et. al. (US 
7,188,120) 
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Showing where the references teaches the claimed limitation, "at least one designated 
Virtual Private Server (VPS) with a set of services that perform administrative operations, 
wherein the designated VPS provides administrative services to each of the server processes. . ." 



Regarding claim 1, LEONARD teaches a system for managing administration of computer 
services provided to users comprising: 

a computer system (400 of Fig. 4); 

an operating system (OS) running on the computer system (col 3/lines 6-20); 

a plurality of server processes (170) running on the computer system, wherein the 
processes provide services to a plurahty of remote users (col 3/lines 21-35, e.g. host applications 
such as websites i.e. services col 3/lines 36-col 4/line 6); and 

at least one designated Virtual Private Server VPS (VOSE) with a set of services that 
perform administrative operations (col 3/lines 20-35), 

wherein the designated VPS provides administrative services to each of the server 
processes (col 4/lines 6-30, i.e. any number of administrative tasks) and wherein the designated 
VPS is isolated by a logical isolation of processes (col 3/lines 39-col 4/line 4 , i.e. isolated such 
that each process behave like virtual standalone computer). 



(C) Propriety of Final Rejections under U.S.C. §102(a) based on TechOne Hosting 

Showing where the references teaches the claimed limitation, "at least one designated 
Virtual Private Server (VPS) with a set of services that perform administrative operations, 
wherein the designated VPS provides administrative services to each of the server processes. . ." 

{This document contains a total of 30 pages, namely, 1-13, 1-4 and 1-12 and hereafter 
will be referred to accordingly) 

Referring to claim 1, TechOne-Hosting discloses a hosting platform with Virtual Private Server 
(VPS) technology system (p. 2 of 13) for managing administration of computer services provided 
to users (Managed services & Admin Tools p. 2 of 4, administration functions to services 
provided, p. 1 of 4) comprising; 

a computer system (physical server, p. 4 of 13); 

an operating system running on the computer system (selectable platform p. 7 of 13); 

a plurality of server processes rumiing on the computer system (processes resources p. 7 
of 13, server running dedicated application services p. 4 of 13). wherein the processes provide 
services to a plurality of remote users (e.g. Web services, Mail. FTP, etc. p. 5-6 of 13); and 

a designated Virtual Private Server VPS (dedicated server with VPS technology, p. 1 of 
13) with a set of services that perform administrative services (administration tools, web 
developer tools/suite p. 12 of 13, advanced resource management services p. 4 of 13, iManager 
control panel p. 5 of 12, administration services p. 1 of 4, log analyzer tools p. 9 of 13), wherein 
the designated VPS provides administrative services to each of the server processes (e.g.. 
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services, i.e. software is not shared for each VPS, independent and dedicated set of applications 
services p. 4 of 13) and 

wherein the designated VPS is isolated by a logical isolation of processes (unmatched 
isolation, each VPS operating in its own space, independently, in private and protected area, p. 3- 
4 of 13). 
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(E) Effective Priority Date of Leonard 

A showing of where each cited portion of the Leonard reference (US 7,188,120) subject 
matter finds support imder 35 USC 112, first paragraph, in the written description of the 
specification in the provisional application 60/469,558 to which priority is claimed. 



Provisional 60/469,558 



US 7188120 (Portions relied upon) 



Chapter 2: First paragraph, page 7 tlirough third 
paragraph, page 8. Details of Operating system, 
Unix System, Solaris Operating system, FTP 
Servers, Device nodes. Trusted Solaris Operating 
Environment, virtual machines. 

Chapter 1: Figure 1.1 page 3, Details of storage 
complex, remote admin/monitoring, CPU, disk 
space. First paragraph, page 1, Details of virtual 
web hosting, Unix Server, Solaris System, 
Traditional server components. 

Chapter 10, First paragraph , page 63, Details of 
Solaris, CPU, physical memory, processes, virtual 
machine. 

Chapter 1 1 : Second last paragraph, page 68, 
Details of IPC, persistent objects, shared memory, 
message queues, processes, kernel. 



Chapter 3: Sixth Paragraph, page 11, Details of 
global zone and non-global zone. 

Chapter 3: First paragraph, page 9 through Fourth 
paragraph, page 12. Details of global zone, global 
administrator. 



Chapter 3: Figure 3.1, Details of Zone st 



Column 3 

(10) FIG. 1 illustrates a fimctional block 
diagram of an OSE 100 in accordance with one 
embodiment of the present invention. OSE 100 
may be derived by executing an operating 
system (OS) in a general-purpose computer 
system, such as computer system 400 illustrated 
in FIG. 4, for example. Although FIG. 4 depicts 
a system that contains centralized component 
resources, embodiments may be implemented on 
systems that comprise remotely distributed 
component resources (e.g., processors, memory, 
persistent storage, etc.) that access each other via 
a network. For illustrative purposes, the OS is 
assumed to be Solaris. TM. manufactured by 
Sun Microsystems, Inc. of Santa Clara, Calif. 
However, the concepts taught herein may be 
applied to any OS, including but not limited to 
Unix, Linux, Microsoft Windows, MacOS, etc. 



(11) As shown in FIG. 1 , OSE 100 may 
comprise one or more zones (also referred to 
herein as partitions), including a global zone 13 
and zero or more non-global zones 140. The 
global zone 130 is the general OSE that is 
created when the OS is booted and executed, and 
serves as the defatilt zone in which processes 
may be executed if no non-global zones 140 are 
created. In the global zone 130, administrators 
and/or processes having the proper rights and 
privileges can perform generally any task and 
access any device/resource that is available on 
the computer system on which the OS is nm. 
Thus, in the global zone 130, an administrator 
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can administer the entire computer system. 
In one embodiment, it is in the global zone 130 
that an administrator executes processes to 
configure and to manage the non-global zones 
140. 



Chapter 1: First paragraph, page 2, Details of 
Virtualization and zones providing a virtualized 



Chapter 12: First paragraph, page 71, Details of 
Solaris packaging system. 



Chapter 9: Last paragraph, page 52, Details of 

Fully Virtual Devices. 



Chapter 9: First paragraph, page 54, Details of 
Namespace, Solaris virtual operating system 



Chapter 8: Last two paragraphs, page 44, Details 
of network interfaces with global zone and i 
global zone, logical i 
administrators. 



Chapter 1: Figure 1.1, page 3, Details of different 
websites, blueslugs.com, foo.net, beck.org, web 
services, isolated network services, core 



(12) The non-global zones 140 represent 
separate and distinct partitions of the OSE 100. 
Each of non-global zones 140 may be viewed as 
a virtual operating system environmenl 
("VOSE"). One of the purposes of the non- 
global zones 140 is to provide isolation. In one 
embodiment, a non-global zone 140 can be used 
to isolate a number of entities, including but not 
limited to processes 170, one or more file 
systems 180, and one or more logical network 
interfaces 182. Because of this isolation, 
processes 170 executing in one non-global zone 
140 cannol access or affect processes in any 
other /one. Similarly, processes 1 70 in a non- 
global zone 140 cannol access or allbcl the file 
system 180 of another zone, nor can they access 
or affect the network interface 182 of another 
zone. As a result, the processes 170 in a non- 
global zone 140 are limited to accessing and 
affecting the processes and entities in that zone. 
Isolatcd 'm this manner, each non-global /one 
140 behaves like a virtual slandalone computer. 
While processes 1 70 in different non-global 
zones 140 cannot access or affect each other, it 
should be noted that they may be able to 
communicate with each other via a network 
connection through their respective logical 
network interfaces 182. This is similar to how 
processes on separate standalone computers 
communicate with each other. 

(13) Having non-global zones 140 that are 
isolated fi-om each other may be desirable in 
many applications. For example, if a single 
computer system running a single instance of an 
OS is to be used to host applications for different 
competitors (e.g., competing websites), then it 
would be desirable to isolate the data and 
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Chapter 1: Third paragraph, page 1, Details of 
Security, Isolation, network services, prevent 
security violation. 



Chapter 8: First paragraph, page 44, Details of 
partitioning of global and non-global zones. 

Chapter 1: Figure 1.1, page 3, Details of different 
websites, blueslugs.com, foo.net, beck.org, web 
services, isolated network services, core 
processes. 

Chapter 3: Sixth Paragraph, page 11, Details of 
non-global zone administration. 

Chapter 3: First paragraph, page 9 through Fourth 
paragraph, page 12. Details of global zone, global 
admiiiislralion to pcrfonn administrator task. 

Chapter 3; First paragraph, page 13, Details of 
Zone Administration. 

Chapter 3: First paragraph, page 18, Details of 
Zone System controller, high level of privilege, 
global and non-global zone command processes. 

Chapter 5, Second paragraph, page 28, Details of 
Zone Privilege Limits. 



Chapter 3, Second paragraph, page 19, 
Monitoring and Controlling Zone processes, 
global zone administrator, control processes, 
access, control, allocate resources. 

Chapter 4, First paragraph, page 23, Details of 
zone commands, establish operational 



processes of one competitor from the data and 
processes of another competitor. That way, it 
can be ensured that information will not be 
leaked between the competitors. 



Column 4 

Partitioning an OSE 100 into non-global zones 
140 is one possible way of achieving this 
isolation. Competing applications (e.g., 
websites) may then be hosted in separate non- 
global zones 140. 



(14) In one embodiment, each non-global zone 
140 may be administered separately. More 
specifically, it is possible to assign a zone 
administrator to a particular non-global zone 140 
and grant that zone administrator rights and 
privileges to manage various aspects of that non- 
global zone 140. With such rights and 
privileges, the zone administrator can perform 
any number of administrative tasks that affect 
the processes and other entities within that 
non-global zone 140. However, the zone 
administrator cannot change or affect 
anything in an\ other non-global zone 140 or the 
global /one 1 i hus, in the above example, 
each competitor can administer his/lier zone, and 
hence, his/her own set of applications, but 
cannot change or affect the applications of a 
competitor. In one embodiment, to prevent a 
non-global zone 140 from affecting other zones, 
the entities in a non-global zone 140 generally 
are not allowed to access or control any of the 
physical devices of the computer system. 

(15) In contrast to a non-global zone 
administrator, a global zone administrator with 
proper rights and privileges may administer all 
aspects of the OSE 100 and the computer system 
as a whole. Thus, a global zone administrator 
may, for example, access and control physical 
devices, allocate and control system resources. 
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parameters. 



Chapter 11, Last two paragraphs, page 69, Details 
of Event Channels, IPC, Kernel memory. 



Chapter 11, Third paragraph, page 69, Details of 
IPC interfaces, network interfaces, non-global 
zones and global zones, IPC, Kernel memory. 

Chapter 7, First paragraph, page 37, Details of 
File Systems, Virtualization of storage in a zone, 
global administrator for mapping files systems. 



Chapter 3: Figure 3.1, Details of Zone state 

Chapter 3: Last paragraph, page 9, Details of non- 
global states, configured, installed, ready, 
running. 

Chapter 3, Second paragraph, page 11, Details of 
zonecf to specify all the configuration parameters. 

Chapter 3, page 11, Details of resources types 
having properties, zone name, zone ID, root path, 
file system, network interface, devices. 

Chapter 3, First paragraph, page 12, Details of 
resource controls for different states for the zone 
created and resource pool assignments. 



establish operational parameters, etc. A global 
zone administrator may also access and control 
processes and entities within a non-global zone 
140. 

(16) In one embodiment, kernel 150 enforces 
the zone boundaries. More specifically, kernel 
150 ensures that processes 170 in one non-global 
zone 140 are not able to access or affect 
processes 170, file systems 180, and network 
interfaces 182 of another zone (non-global or 
global). In addition to enforcing the zone 
boundaries, kernel 150 also provides a number 
of other services. These services include but are 
not limited to mapping the network interfaces 
182 of the non-global zones 140 to the physical 
network devices 120 of the computer system, 
and mapping the file systems 180 of the non- 
global /ones 1 40 lo an overall file system and a 
physical storage 1 1 0 of the computer system. 

(17) Non-Global Zone States 

(18) In one embodiment, a non-global zone 140 
may take on one of four states: (1) Configured; 
(2) Installed; (3) Ready; and (4) Running. When 
a non-global zone 140 is in the Configured state, 
it means that an administrator in the global zone 
130 has invoked an operating system utility (in 
one embodiment, zonecfg(lm)) to specify all of 
the configuration parameters of a non-global 
zone 140, and has saved that configuration in 
persistent physical storage 1 10. In configuring a 
non-global zone 140, an administrator may 
specify a number of different parameters. These 
parameters may include, but are not limited to, a 
zone name, a zone path to the root directory of 
the zone's file system 180. specification of one 
or more file systems to be mounted when the 
zone is created, specificaiion ol zero or more 
network interfaces, specification of devices to be 
configured when the zone is created, and zero or 
more resource pool associations. 
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Chapter 3: First paragraph, page 13, Details of 
Zone Ad 

Chapter 3: Second paragraph, page 13, Details of 
listing zones for directories including root 
directory and sub directories. 

Chapter 3: Third paragraphs, page 13, Details of 
Installing zones for the file system, files, 
directories. 


(19) Once a zone is in the Configured state, a 
global administrator may invoke another 
operating system utility (in one embodiment, 
zoneadm(lm)) to put the zone into the Installed 
state. When invoked, the operating system 
utility interacts with the kernel 150 to install all 
of the necessary files and directories into the 
zone's root directory, or a subdirectory thereof. 


Chapter 3: First paragraph, page 13, Details of 
Zone Administration for non-global zone and 
global zone. 

Chapter 3: Third paragraph, page 13, Details of 
booting zones, zoneadmd, running, configured, 
verify, install. 

Chapter 3; Third paragraph, page 13, Details of 
Installing zones for the file system, files, 
directories. Details of halting zones, zone ID, 
ZONENAME. 

Chapter 3, Second paragraph, page 13, Details of 

Chapter 6, figure 6.1, page 36, Details of 
zonename, kernel resource, kernel processes, 
viewed from the global zone and a non-global 

Chapter 9, Last paragraph, page 55, Details of 
Ready state of non-global zone. 

Chapter 4, Firth paragraph, page 22, Details of 
System Log Daemon, kernel, virtual platform for 
non-global zone and global zone. 

Chapter 13, Second paragraph, page 77, Details 
of kernel modules for global zone and non-global 


Column 5 

(20) To put an Installed zone into the Ready 
state, a global administrator invokes an 
operating system utility (in one embodiment, 
zoneadm(lm) again), which a zoneadmd process 
162 causes to be started (there is a zoneadmd 
process associated with each non-global zone). 
In one embodiment, zoneadmd 162 runs 
within the global zone 130 and is responsible for 
managing its associated non-global zone 140. 
After zoneadmd 162 is started, it interacts with 
the kernel 150 to establish the non-global zone 
140. In creating a non-global zone 140, a 
number of operations are performed, including 
but not limited to assigning a zone ID, starting a 
zsched process 164 (zsched is a kernel process; 
however, it runs within the non-global /one 140, 

with the non-global zone 140). mounting file 
systems 180. plumbing network interfaces 182, 
configuring devices, and setting resource 
controls. These and other operations put the 
non-global zone 140 into the Ready state to 
prepare it for normal operation. 

(21) Putting a non-global zone 140 into the 
Ready state gives rise to a virtual platform on 
which one or more processes may be executed. 
This virtual platform provides the infrastructure 
necessary for enabling one or more processes to 
be executed within the non-global zone 140 in 
isolation from processes in other non-global 
zones 140. The virtual platform also makes it 
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Chapter 9, Last paragraph, page 55, Details of 
Device Management, Zone Runtime, Ready stab 
Running state 



Chapter 7, Second paragraph, page 41, Details of 
Autoofs for virtual standalone conputer. 

Chapter 9, Second paragraph, page 51, Details of 
virtualization and virtual platform provided by 
non-global zone independent of any processes. 



Chapter 3: Figure 3.1, Details of Zone state 
model containing non-global zone in a ready stats 
and then in running state. 

Chapter 3: Third paragraph, page 13, Details of 
zoneadmd to start initialization process. 



Chapter 3: Third paragraph, page 13, Details of 
Installing zones for the file systems, network 
interfaces, application environment with user 
processes in the virtual platform. 

Chapter 9, Last paragraph, page 55, Details of 
processes executing within non-global zone. 



Chapter 3: Figure 3.1, Details of Zone state 
model containing non-global zone in running 



possible to isolate other entities such as file 
system 180 and network interfaces 182 within 
the non-global zone 140, so that the zone 
behaves like a virtual standalone computer. 
When a non-global zone 140 is in the Ready 
state, no user or non-kemel processes are 
executing inside the zone (as is mentioned 
above, zsched is a kernel process, not a user 
process). Thus, the virtual platform provided by 
the non-global zone 140 is mdcpcndcni of any 
processes executing within the zone. Put 
another way, the zone and hence, the virtual 
platform, exists even if no user or non-kemel 
processes are executing within the zone. This 
means that a non-global zone 140 can remain in 
existence from the time it is created until either 
the zone or the OS is terminated. The life 
of a non-global zone 140 need not be limited to 
the duration of any user or non-kcmcl process 
executing withm the zone. 

(22) After a non-global zone 140 is in the 
Ready state, it can be transitioned into the 
Running state by executing one or more user 
processes in the zone. In one embodiment, this 
is done by having zoneadmd 162 start an init 
process 1 72 in its associated zone. Once started, 
the init process 172 looks in the file system 180 
of the non-global zone 140 to determine what 
applications to run. The init process 172 then 
executes those applications to give rise to one or 
more other processes 174. In this manner, an 
application environment is initiated on the 
virtual platform of the non-global zone 140. 

In this application environment, all processes 
170 are confined to the non-global zone 140; 
thus, they cannot access or affect processes, file 
systems, or network interfaces in other zones. 
The application environment exists so long as 
one or more user processes are executing within 
the non-global zone 140. 

(23) After a non-global zone 140 is in the 
Running state, its associated zoneadmd 162 can 
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Chapter 3: Third paragraph, page 13, Details of 
zoneadmd to initiate and control number of zone 
administrative tasks. 

Chapter 3: Third paragraph, page 13, Details of 
booting zones, halting rebooting, running, 
configured, verify, restart, install non-global 



Chapter 3: Third paragraph, page 13, Details of 
Installing zones for the file systems, network 
interfaces, application environment with user 
processes in the virtual platform. 



be used to manage it. Zoneadmd 162 can be 
used to initiate and control a number of zone 
administrative tasks. These tasks may include, 
for example, halting and rebooting the non- 
global zone 140. When a non-global zone 140 is 
halted, it is brought from the Running state 
down to the Installed state. In effect, both the 
application environment and the virtual platform 
are tenninated. When a non-global zone 140 is 
rebooted, it is brought from the Running state 
down to the Installed state, and then transitioned 
from the Installed state through the Ready state 
to the Running state. In effect, both the 
application environment and the virtual platform 
are terminated and restarted. 
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